How to Recover from Twitter Phishing Scams

So, you get a tweet or more likely a direct message that says something like, “I’m 24/female/horny” or “Is this you??” or simply “This you????” with an innocent looking URL attached. Other variations are: “Hey, I’ve been having better sex and longer with this here” and “somebody wrote something about you in this blog here”.

Do yourself a favor…

DON’T OPEN THAT FILE!!!

Trust me, it’s NOT going to be pics of THIS girl.

That’s Shennekia Grimshaw, a major east coast model and personal friend. And believe me, she doesn’t need to send out random phishing scams to get attention.

Instead, if you open that file you’ll only find a major Twitter Fail for you!!

Why? Because it hacks your Twitter account and propogates the same message to everyone who follows you.

It’s a Twitter Phishing scam, and it’s all over Twitter right now. It’s estimated that as many as 10 million people have been hit so far. So many that Twitter itself has been seriously stressing for days. Here’s what you can do about it.

1. WHATEVER YOU DO, DON’T OPEN THAT FILE!!! No babes inside!! Did I have to say that again? Well, ok, if you already opened it, there’s a simple fix.

2. It is NOT necessary to block the sender. I’m saying this because blocking the sender only reduces the size of your network, and as prevalent as this scam is today, you could loose a significant number of connections this way. Totally not necessary.

3. Instead, delete the message that contains the phishing link. This will get the problem off your Twitter page. (It will also delete the message from the sender’s tweets tab, so it’s effectively gone from their sight as soon as someone does this. Conversely, if the sender deletes the tweet it will disappear from your mail box as well.)

5. From Twitter, go to Settings and then Password to change your password. You should do this regularly anyway.

6. Again from Twitter, go to Settings Connections and delete any unauthorized connections or any that you suspect may be a source of the Tweet. Keep in mind that if you use Twitter from multiple computers or mobile devices, the Connections setting will look different from each device. This is an anomaly of Twitter Connections.

7. Keep in mind that only people who you are following, or applications that you have approved to connect to your account, can send you a direct message. If the phished message came from someone you know, be courteous enough to send your connection a direct message or an email telling them that they have been phished and linking them to this blog so they can know what to do about it, too.

8. One other thing: If you encounter a tweet that offers to help you recover from a Twitter phishing scam by linking you directly to your settings, password or connections, GET OUT OF IT RIGHT AWAY!! This is merely another phishing scam trying to get hold of your password.

9. If you feel that you have been deliberately hacked, report the hack to Twitter.You can do this by sending a tweet directly to @feedback, which is the verified Twitter feedback account. Other useful security resources on Twitter are @safety and @spam, which are the verified Twitter accounts for SpamWatch and other safety-related alerts. These accounts provide all official Twitter notifications and information about spam attacks, including this recent update. (You might want to friend that account and put it in a list of security resources.)

10. IF YOU REALLY FEEL THE NEED to take extra precautions to avoid phishing scams, or you are just tired or receiving too much junk mail, you can disable your direct message option from Settings/Notices. Keep in mind this will stop any direct messaging to your mobile Twitter account as well.

Finally, set up another Twitter account from which you can monitor your own Tweet stream. If no one tells you your account has been phished, this at least gives you a fighting chance.